This group should mostly be dealing with how web applications enable networking security issues that are otherwise not there. Everything is being tunneled over port 80 now, so what does that enable and how do we fix it?

Anyone able to explain/discuss with me in any depth why RC4-MD5 encryption for SSL would be considered a medium security encryption? Are there available utilities, etc., for simplified decryption that I may not know about that make it more of a security risk?

For a cryptographer, it's broken, dead, don't talk about it. Too many design flaws, both MD5 and RC4.
MD5 has a collision space which is *ginormous* (we are speaking here of guys who compute Mersenne primes in their heads, FFS) and RC4 has a really *weak* PRNG scheme (like the one you love when you launch aircrack).

SHA1 has been broken, but AFAIK SHA128 and above are still considered secure. But it's just a matter of time, as it's a pure question of computing power.
You'll note that in an HMAC scheme, where you ignore collisions (yeah, intercepting a packet, modifying the payload (if it's not encrypted), and finding a collision, and re-emitting the packet. In real time. Roger me senseless with a sledgehammer if you can do that)

In conclusion, avoid RC4 at all costs (not even good enough to stir an entropy pool), but as long as you're in an HMAC situation, MD5 is still worth a try.